Heroku is a platform as a service (PaaS) that lets companies build, deliver, monitor, and scale apps.

#some notes for deploying apps to heroku
# Login to heroku cli
heroku login

# From your project directory initialize a git repository if you have not already done so and stage a commit, and verify that everything was committed
git init && git add . && git commit -m "First commit" && git status

# Create an heroku app
heroku apps:create name_of_the_app
Creating app... done, someappp-name-8848
https://someappp-name-8848.herokuapp.com/ | https://git.heroku.com/someappp-name-8848.git

# You can verify that the remote was added to your project by running
git config --list | grep heroku
remote.heroku.url=https://git.heroku.com/someappp-name-8848.git
remote.heroku.fetch=+refs/heads/*:refs/remotes/heroku/*

# To deploy your code
git push heroku master
git push heroku someotherbranch:master

# Migrate your database
heroku run rake db:migrate

# Visit your application
# To ensure that we have 1 dyno running the web process do:
heroku ps:scale web=1

# To check the state of the app's dynos
heroku ps

# To visit the app in the browser
heroku open

# View the logs
heroku logs

# To tail the full stream of logs
heroku logs --tail

# Rails console
heroku runs rails console
irb(main):001:0>

# Rake can be run as an attached process exactly like the console:
heroku run rake db:migrate

Here is how we can obtain a private key and a certificate from a PFX file (Personal Information Exchange format) also called PKCS #12

# To extract the private key, do the following which will generate key.pem
openssl pkcs12 -in somepfxfile.pfx -nocerts -out key.pem -nodes

# To extract the certificate, do the following which will generate cert.pem
openssl pkcs12 -in somepfxfile.pfx -nokeys -out cert.pem

# To remove the passphrase from the private key, do the following which will generate server.key
openssl rsa -in key.pem -out server.key
# Now that we have the certificate - cert.pem and the key - server.key, we can start adding SSL endpoints to our app
# Creating the addon
# heroku addons:create ssl:endpoint --type endpoint --app [name of the app]

# Adding the certificate with the key to the endpoint
# heroku certs:add [path to the certificate] [path to the key] --type endpoint --app [name of the app]

# Adding domains
# heroku domains:add [domain] --app [name of the app]
heroku domains:add [xy.com] --app yourappsname  # A message that says [domain] is currently in use by another app is expected if you try to use the same wildcard domain for more than one app in your account

# Removing domains
# heroku domains:remove [domain] --app [name of the app]

# Removing a certificate endpoint
# heroku certs:remove --endpoint [name-of-the-endpoint] --app [name of the app]

# Looking up the domains
# heroku domains --app [name of the app]
heroku domains --app yourappsname

# Looking at the certificate end points
# heroku certs --app [name of the app]
heroku certs --app yourappsname

# Looking at the certificate info in detail
# heroku certs:info --app [name of the app]
heroku certs:info --app yourappsname

So here is what we need to do to establish custom domains:

1. Add the certificate endpoint to an app as described above ( use the heroku cli for this NOT the dashboard)
2. That will generate an ssl endpoint such as example-2948.herokussl.com for the app (and in case of a wildcard certificate it will also automatically add a wildcard domain for the app)
3. All other custom domains can be added by using the heroku domains:add command or from the heroku dashboard, for example you can say heroku domains:add [somecustomname] --app [name of the app]
4. Add a DNS entry to your organizations domain controller. For example, make a Cannonical Name (CNAME) entry for  [somecustomname].yourdomain that maps to (example-2948.herokussl.com) the heroku SSL endpoint obtained in step 1 & 2
5. Now [somecustomname].yourdomain needs to be registered with a domain name registrar such as HostGator or GoDaddy or Register.com etc so that the world can reach your domain ( and not just the devices in your organizations domain)